Yours is not a unique sentiment, but I find it so disheartening. Vague laws enforced selectively are bad for the rule of law. Is the schadenfreude from sticking it to whatever American company is selected worth that?

No, it's just that American companies as a rule tend to have a dim view of privacy and some pushback against that is welcome.

As for enforcement, if you're a European company you have much more to be worried about since it is going to be much easier to go after you.

Selective enforcement is hopefully going to be limited to going after a couple of very prominent offenders after which the remainder will fall in line.

>Is the schadenfreude from sticking it to whatever American company is selected worth that?

No, but a correction is long overdue to signal to international companies that the primacy of politics still exists. How companies conduct themselves is determined by European law and European citizens, not businesses.

Companies have only themselves to blame for having brought it on. Whether it's skirting taxes, mistreating user-data or assisting in election-meddling, if companies are not willing to self-regulate they will be regulated. That's an overdue message to send.

That is a pretty naïve view of affairs. Practically all the banks even the European ones like HSBC, RBS etc have been complicit in committing all sorts of crime and continue to do so with impunity.

That's too close to what-about-ism for my tastes. I want those banks to be held responsible too, but I'll take just one or the other if I can't get both right now.

It is not the business of companies to self-regulate. Unless there is some kind of certification involved. Eg the gaming industry self regulates by having different ratings for games depending on their content. Such a thing is likely not possible everywhere, and especially for something as general as data, and thus legislative rememedies are required